package com.hxk.sso.client.config;

import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * SecurityConfig,client中的所有接口都需要认证之后才能访问
 **/
@Configuration
@EnableOAuth2Sso //开启单点登录的功能
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()  // 开始配置授权请求
                .anyRequest()  // 对所有请求进行配置
                .authenticated()  // 要求所有请求都经过认证
                .and()
                .csrf()  // 开始配置跨站请求伪造（CSRF）防护
                .disable();  // 禁用CSRF防护

    }
}
